NodeJS/phantomjs/1.9.2-4
Headless WebKit with JS API
https://www.npmjs.com/package/phantomjs
Apache-2.0
1 Security Vulnerabilities
PhantomJS Arbitrary File Read
Published date: 2022-05-24T22:01:03Z
CVE: CVE-2019-17221
Links:
PhantomJS through 2.1.1 has an arbitrary file read vulnerability, as demonstrated by an XMLHttpRequest for a file://
URI. The vulnerability exists in the page.open()
function of the webpage module, which loads a specified URL and calls a given callback. An attacker can supply a specially crafted HTML file, as user input, that allows reading arbitrary files on the filesystem. For example, if page.render()
is the function callback, this generates a PDF or an image of the targeted file. NOTE: this product is no longer developed.
Affected versions:
["0.0.1", "0.0.2", "0.0.3", "0.0.4", "0.0.5", "0.0.6", "0.0.7", "0.0.8", "0.0.9", "0.1.0", "0.1.1", "0.2.0", "0.2.1", "0.2.2", "0.2.3", "0.2.4", "0.2.5", "0.2.6", "1.8.0-1", "1.8.1-1", "1.8.1-2", "1.8.1-3", "1.8.2-0", "1.8.2-1", "1.8.2-2", "1.9.0-0", "1.9.0-1", "1.9.0-2", "1.9.0-3", "1.9.0-4", "1.9.0-5", "1.9.0-6", "1.9.1-0", "1.9.1-2", "1.9.1-3", "1.9.1-4", "1.9.1-5", "1.9.1-6", "1.9.1-7", "1.9.1-8", "1.9.1-9", "1.9.2-0", "1.9.2-1", "1.9.2-2", "1.9.2-3", "1.9.2-4", "1.9.2-5", "1.9.2-6", "1.9.6-0", "1.9.7-1", "1.9.7-3", "1.9.7-4", "1.9.7-5", "1.9.7-6", "1.9.7-7", "1.9.7-8", "1.9.7-9", "1.9.7-10", "1.9.7-11", "1.9.7-12", "1.9.7-13", "1.9.7-14", "1.9.7-15", "1.8.2-3", "1.9.8", "1.9.9", "1.9.10", "1.9.11", "1.9.12", "1.9.13", "1.9.15", "1.9.16", "1.9.17", "1.9.18", "1.9.19", "2.1.1", "1.9.20"]
Secure versions:
[2.1.2, 2.1.3-deprecated, 2.1.3, 2.1.7]
Recommendation:
Update to version 2.1.7.
81 Other Versions
Version | License | Security | Released | |
---|---|---|---|---|
2.1.7 | Apache-2.0 | 2016-04-07 - 14:53 | about 8 years | |
2.1.3 | Apache-2.0 | 2016-01-28 - 04:47 | over 8 years | |
2.1.3-deprecated | Apache-2.0 | 2016-01-28 - 04:40 | over 8 years | |
2.1.2 | Apache-2.0 | 2016-01-25 - 22:56 | over 8 years | |
2.1.1 | Apache-2.0 | 1 | 2016-01-25 - 21:14 | over 8 years |
1.9.20 | Apache-2.0 | 1 | 2016-03-31 - 17:15 | about 8 years |
1.9.19 | Apache-2.0 | 1 | 2015-11-24 - 16:38 | over 8 years |
1.9.18 | Apache-2.0 | 1 | 2015-08-10 - 15:18 | over 8 years |
1.9.17 | Apache-2.0 | 1 | 2015-05-21 - 16:16 | almost 9 years |
1.9.16 | Apache-2.0 | 1 | 2015-03-03 - 18:09 | about 9 years |
1.9.15 | Apache-2.0 | 1 | 2015-01-28 - 17:27 | over 9 years |
1.9.13 | Apache-2.0 | 1 | 2014-12-19 - 18:04 | over 9 years |
1.9.12 | Apache-2.0 | 1 | 2014-10-27 - 19:56 | over 9 years |
1.9.11 | Apache-2.0 | 1 | 2014-10-16 - 16:12 | over 9 years |
1.9.10 | Apache-2.0 | 1 | 2014-09-24 - 16:51 | over 9 years |
1.9.9 | Apache-2.0 | 1 | 2014-09-17 - 18:39 | over 9 years |
1.9.8 | Apache-2.0 | 1 | 2014-09-17 - 16:10 | over 9 years |
1.9.7-15 | Apache-2.0 | 1 | 2014-07-23 - 13:41 | almost 10 years |
1.9.7-14 | Apache-2.0 | 1 | 2014-07-09 - 23:17 | almost 10 years |
1.9.7-13 | Apache-2.0 | 1 | 2014-07-09 - 16:13 | almost 10 years |
1.9.7-12 | Apache-2.0 | 1 | 2014-06-28 - 17:17 | almost 10 years |
1.9.7-11 | Apache-2.0 | 1 | 2014-06-28 - 17:12 | almost 10 years |
1.9.7-10 | Apache-2.0 | 1 | 2014-06-24 - 00:25 | almost 10 years |
1.9.7-9 | Apache-2.0 | 1 | 2014-06-18 - 17:36 | almost 10 years |
1.9.7-8 | Apache-2.0 | 1 | 2014-05-24 - 02:04 | almost 10 years |
1.9.7-7 | Apache-2.0 | 1 | 2014-05-23 - 17:13 | almost 10 years |
1.9.7-6 | Apache-2.0 | 1 | 2014-05-21 - 22:38 | almost 10 years |
1.9.7-5 | Apache-2.0 | 1 | 2014-04-28 - 19:16 | about 10 years |
1.9.7-4 | Apache-2.0 | 1 | 2014-04-22 - 02:36 | about 10 years |
1.9.7-3 | Apache-2.0 | 1 | 2014-04-02 - 15:39 | about 10 years |
1.9.7-1 | Apache-2.0 | 1 | 2014-01-27 - 18:35 | over 10 years |
1.9.6-0 | Apache-2.0 | 1 | 2014-01-24 - 17:31 | over 10 years |
1.9.2-6 | Apache-2.0 | 1 | 2013-12-20 - 22:38 | over 10 years |
1.9.2-5 | Apache-2.0 | 1 | 2013-12-05 - 22:01 | over 10 years |
1.9.2-4 | Apache-2.0 | 1 | 2013-11-20 - 17:05 | over 10 years |
1.9.2-3 | Apache-2.0 | 1 | 2013-11-19 - 17:12 | over 10 years |
1.9.2-2 | Apache-2.0 | 1 | 2013-10-01 - 21:08 | over 10 years |
1.9.2-1 | Apache-2.0 | 1 | 2013-09-19 - 14:45 | over 10 years |
1.9.2-0 | Apache-2.0 | 1 | 2013-09-09 - 15:02 | over 10 years |
1.9.1-9 | Apache-2.0 | 1 | 2013-09-03 - 16:11 | over 10 years |
1.9.1-8 | Apache-2.0 | 1 | 2013-08-19 - 21:52 | over 10 years |
1.9.1-7 | Apache-2.0 | 1 | 2013-08-19 - 18:38 | over 10 years |
1.9.1-6 | Apache-2.0 | 1 | 2013-08-18 - 00:02 | over 10 years |
1.9.1-5 | Apache-2.0 | 1 | 2013-08-14 - 22:26 | over 10 years |
1.9.1-4 | Apache-2.0 | 1 | 2013-08-13 - 21:35 | over 10 years |
1.9.1-3 | Apache-2.0 | 1 | 2013-08-13 - 18:28 | over 10 years |
1.9.1-2 | Apache-2.0 | 1 | 2013-08-12 - 18:54 | over 10 years |
1.9.1-0 | Apache-2.0 | 1 | 2013-06-13 - 14:36 | almost 11 years |
1.9.0-6 | Apache-2.0 | 1 | 2013-05-29 - 01:28 | almost 11 years |
1.9.0-5 | Apache-2.0 | 1 | 2013-05-28 - 17:07 | almost 11 years |
1.9.0-4 | Apache-2.0 | 1 | 2013-05-17 - 17:11 | almost 11 years |
1.9.0-3 | Apache-2.0 | 1 | 2013-04-23 - 02:34 | about 11 years |
1.9.0-2 | Apache-2.0 | 1 | 2013-04-14 - 17:05 | about 11 years |
1.9.0-1 | Apache-2.0 | 1 | 2013-04-02 - 23:17 | about 11 years |
1.9.0-0 | Apache-2.0 | 1 | 2013-03-25 - 21:11 | about 11 years |
1.8.2-3 | Apache-2.0 | 1 | 2014-09-04 - 16:04 | over 9 years |
1.8.2-2 | Apache-2.0 | 1 | 2013-03-20 - 16:17 | about 11 years |
1.8.2-1 | Apache-2.0 | 1 | 2013-03-19 - 23:42 | about 11 years |
1.8.2-0 | Apache-2.0 | 1 | 2013-03-11 - 20:18 | about 11 years |
1.8.1-3 | Apache-2.0 | 1 | 2013-01-30 - 22:33 | over 11 years |
1.8.1-2 | Apache-2.0 | 1 | 2013-01-30 - 21:19 | over 11 years |
1.8.1-1 | Apache-2.0 | 1 | 2013-01-29 - 23:53 | over 11 years |
1.8.0-1 | Apache-2.0 | 1 | 2012-12-23 - 17:52 | over 11 years |
0.2.6 | Apache-2.0 | 1 | 2012-12-19 - 21:48 | over 11 years |
0.2.5 | Apache-2.0 | 1 | 2012-12-19 - 21:25 | over 11 years |
0.2.4 | Apache-2.0 | 1 | 2012-12-19 - 21:01 | over 11 years |
0.2.3 | Apache-2.0 | 1 | 2012-11-25 - 18:36 | over 11 years |
0.2.2 | Apache-2.0 | 1 | 2012-10-25 - 22:47 | over 11 years |
0.2.1 | Apache-2.0 | 1 | 2012-10-22 - 15:45 | over 11 years |
0.2.0 | Apache-2.0 | 1 | 2012-10-11 - 18:53 | over 11 years |
0.1.1 | Apache-2.0 | 1 | 2012-10-11 - 16:52 | over 11 years |
0.1.0 | Apache-2.0 | 1 | 2012-10-07 - 18:06 | over 11 years |
0.0.9 | Apache-2.0 | 1 | 2012-10-05 - 14:53 | over 11 years |
0.0.8 | Apache-2.0 | 1 | 2012-09-10 - 22:36 | over 11 years |
0.0.7 | Apache-2.0 | 1 | 2012-09-10 - 22:32 | over 11 years |
0.0.6 | Apache-2.0 | 1 | 2012-09-10 - 22:30 | over 11 years |
0.0.5 | Apache-2.0 | 1 | 2012-09-10 - 22:28 | over 11 years |
0.0.4 | Apache-2.0 | 1 | 2012-09-10 - 22:24 | over 11 years |
0.0.3 | Apache-2.0 | 1 | 2012-09-10 - 22:23 | over 11 years |
0.0.2 | Apache-2.0 | 1 | 2012-09-10 - 21:54 | over 11 years |
0.0.1 | Apache-2.0 | 1 | 2012-09-10 - 21:20 | over 11 years |